Contents

  1. General Provisions
  2. Purpose and Scope of Data Collection
  3. Data Processing Basis and Period
  4. Right to Control, Access and Rectify Data
  5. Cookies
  6. Final Provisions

I. GENERAL PROVISIONS

1. The controller of personal data collected via the website of www.krpj.pl is Jedliński, Bierecki i Wspólnicy Kancelaria Radców Prawnych i Adwokatów sp. k., registered office: ul. 10 Lutego 5, 81-366 Gdynia, Poland, entered into the Register of Entrepreneurs under KRS: 0000393410, NIP: 585-14-62-157, REGON: 221489197, e-mail: sekretariat@krpj.pl, hereinafter referred to as ‘Controller’.

2. Personal data of a User shall be processed according to the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).

3. The Controller displays special diligence to protect interests of data subjects, in particular by providing that data he collects are:

  1. processed in accordance with law,
  2. collected for determined and legitimate purposes and not subject to any further processing that would be contrary to such objectives, and
  3. correct in terms of content and adequate to the purposes of their processing and stored in the form that enables the identification of data subjects for no more than necessary to fulfil the purpose of processing.

4. You may contact a data protection officer at iod@krpj.pl or by mail to the address of the Law Firm indicated in section 1.

II. PURPOSE AND SCOPE OF DATA COLLECTION

1. Personal data of users collected by the Controller shall be used for the following purposes:

  1. contacting a User (client),
  2. informative purposes and other activities related to the activity of the Controller on the website of www.krpj.pl,
  3. performing contracts and commercial processes, and
  4. marketing purposes (Newsletter).

2. The Controller shall process the following personal data of Users:

  1. Name,
  2. Address,
  3. E-mail,
  4. Phone number, and
  5. Other

3. The Controller may process the following data that determine the way of using e-services by the User (operational data):

  1. Determinations that identify a terminal of a telecommunication network or a data transmission system used by the User.
  2. Information on starting, completing and scope of every use of e-services by the User.
  3. Information on using e-services by the User.

4. Providing personal data mentioned in section 2 is necessary for the Controller to take measures on the website at  www.krpj.pl.

5. The Controller may transfer data to:

  • authorised public bodies,
  • entities that are the Controller’s client in cases that concern such orders,
  • mail services operators,
  • providers of consulting services,
  • providers of IT services, and
  • other service providers of the Controller pursuant to part II(1).

III. BASIS AND PERIOD OF DATA PROCESSING

1. Using the functionalities of the website, which requires the provision of personal data, is completely voluntary. A data subject takes an autonomous decision to use the functionalities of the www.krpj.pl website according to these Rules.

2. Pursuant to the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), personal data shall be processed according to art. 6(1)(a), (b), (c), (f), namely:
- the data subject has given consent to the processing,
- processing is necessary for the performance of a contract to which the data subject is party,
- or in order to take steps at the request of the data subject prior to entering a contract,
- and is necessary for the compliance with a legal obligation to which the Controller is subject and for the purposes of the legitimate interests pursued by the Controller.

3. Personal data processing by the Controller shall always be within the bases of admissible processing listed in section 2.

4. Personal data shall be processed for the period necessary to fulfil purposes of processing. During the performance of the contract, for the period until its termination and afterwards, data shall be processed for the period required by law or for the period necessary to seek claims. With respect to pursuing legitimate interests of the Controller, data shall be processed until the recognition of an objection filed against data processing.

IV.    RIGHT TO CONTROL, ACCESS AND RECTIFY PERSONAL DATA

1. A User shall have the right to access one’s personal data and rectify them.

2. Every person shall have the right to control processing of one’s data included in the data collection of the Controller, in particular the right to demand the supplementation, update or rectification of personal data, temporary or permanent suspension of their processing or their deletion, if they are incomplete, outdated, incorrect or were collected with the violation of law or are no longer necessary for the fulfilment of purpose for which they were collected.

3. In order to exercise the rights mentioned in sections 1 and 2 above, a User may send a relevant message to: iod@krpj.pl or a letter to the address indicated in part I(1).

4. A service customer shall have the right to file a complaint to a supervisory authority. In Poland, this authority is the Chairman of the Personal Data Protection Authority.

V. COOKIES

1. The website of the Controller uses cookies. If no changes are made by the User in the browser’s settings, it means giving consent to the use of cookies.

2. The installation of cookies is necessary for the proper operation of functionalities on the website. Cookies include information necessary for the proper operation of the website, in particular of elements that requires an authorization.

3. The following types of cookies are used on the website:

  • session
  • permanent
  • analytical

5. Session cookies are temporary files that are stored on an end device of a User until leaving the website.

6. Permanent cookies are stored on an end device of a User for a period determined in cookies parameters or until their deletion by a User.

7. Analytical cookies make it possible to find out more about the way in which a User interacts with content of the website and to arrange its layout better. Analytical cookies collect information about the way of using the website by Users, a type of site from which a User has been redirected and the number of visits of a User on a website and their time. Such information does not record any specific personal data of a User, but is used to develop statistics of using a website.

8. A User shall have the right to take a decision on access of cookies to one’s computer by their prior selection in the window of the browser. Detailed information on the options and ways of using cookies is available in software settings (of a browser).

VI. FINAL PROVISIONS

1. The Controller shall apply technical and organizational measures that provide protection of processed personal data adequate to hazards and categories of data subject to protection, and in particular shall protect data against making them accessible to unauthorised persons, being acquired by an unauthorised person, processing in violation of applicable laws or change, loss, damage or destruction.

2. The Controller shall make adequate technical measures accessible to prevent collecting and modifying e-mailed personal data by unauthorised persons.